Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,779
Maven
5,000+
npm
4,380
NuGet
770
pip
4,159
Pub
12
RubyGems
963
Rust
1,071
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,411 advisories

Loading
Ross Video DashBoard 8.5.1 contains an elevation of privileges vulnerability that allows... High Unreviewed
CVE-2019-25245 was published Dec 24, 2025
VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-13703 was published Dec 24, 2025
Wondershare MirrorGo 2.0.11.346 contains a local privilege escalation vulnerability due to... High Unreviewed
CVE-2022-50690 was published Dec 23, 2025
AspEmail 5.6.0.2 contains a binary permission vulnerability that allows local users to escalate... High Unreviewed
CVE-2023-53949 was published Dec 19, 2025
A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service.... High Unreviewed
CVE-2025-13941 was published Dec 19, 2025
Freedombox before 25.17.1 does not set proper permissions for the backups-data directory,... Low Unreviewed
CVE-2025-68462 was published Dec 18, 2025
An issue was discovered in DriveLock 24.1 through 24.1.*, 24.2 before 24.2.8, and 25.1 before 25... Moderate Unreviewed
CVE-2025-67794 was published Dec 18, 2025
Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an... High Unreviewed
CVE-2025-34288 was published Dec 17, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43470 was published Dec 12, 2025
BuhoNTFS contains an insecure XPC service that allows local, unprivileged users to escalate their... High Unreviewed
CVE-2025-13733 was published Dec 12, 2025
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP4).... Low Unreviewed
CVE-2025-40818 was published Dec 9, 2025
An Improper Access Control in the SFTP service in Fortra's GoAnywhere MFT prior to version 7.9.0... Moderate Unreviewed
CVE-2025-8148 was published Dec 5, 2025
In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new... High Unreviewed
CVE-2025-20386 was published Dec 3, 2025
In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new... High Unreviewed
CVE-2025-20387 was published Dec 3, 2025
NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer... High Unreviewed
CVE-2025-64298 was published Dec 2, 2025
NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure... High Unreviewed
CVE-2025-64642 was published Dec 2, 2025
NMIS/BioDose V22.02 and previous versions rely on a Microsoft SQL Server database. The SQL user... High Unreviewed
CVE-2025-62575 was published Dec 2, 2025
A local privilege escalation vulnerability exists in the restore mechanism of ASUS System... High Unreviewed
CVE-2025-59373 was published Nov 25, 2025
In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the... Moderate Unreviewed
CVE-2025-64996 was published Nov 18, 2025
Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due... High Unreviewed
CVE-2025-34323 was published Nov 17, 2025
A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The... Moderate Unreviewed
CVE-2024-32014 was published Nov 11, 2025
A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The... High Unreviewed
CVE-2024-32010 was published Nov 11, 2025
An ACAP configuration file has improper permissions, which could allow command injection and... Moderate Unreviewed
CVE-2025-6779 was published Nov 11, 2025
An ACAP configuration file has improper permissions and lacks input validation, which could... Moderate Unreviewed
CVE-2025-8108 was published Nov 11, 2025
The Qualys Cloud Agent included a bundled uninstall script (qagent_uninstall.sh), specific to... Moderate Unreviewed
CVE-2025-43079 was published Nov 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database